Repository: ambari Updated Branches: refs/heads/branch-2.5 6e462d46c -> 682bd2319
AMBARI-20768. Local Ambari user with no cluster role must not be able to access Logsearch UI (Keta Patel via oleewere) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/682bd231 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/682bd231 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/682bd231 Branch: refs/heads/branch-2.5 Commit: 682bd23194db38ddfeff2743888a9dee91bf514d Parents: 6e462d4 Author: oleewere <oleew...@gmail.com> Authored: Thu Apr 20 13:35:25 2017 +0200 Committer: oleewere <oleew...@gmail.com> Committed: Thu Apr 20 13:36:00 2017 +0200 ---------------------------------------------------------------------- .../security/LogsearchExternalServerAuthenticationProvider.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/682bd231/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java index e23f0a2..1dab126 100644 --- a/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java +++ b/ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProvider.java @@ -122,8 +122,9 @@ public class LogsearchExternalServerAuthenticationProvider extends LogsearchAbst List<String> values = new ArrayList<>(); JSONUtil.getValuesOfKey(responseJson, PrivilegeInfo.PERMISSION_NAME.toString(), values); - if (values.isEmpty()) - return true; + if (values.isEmpty()) { + return false; + } if (allowedRoleList.length > 0 && responseJson != null) { for (String allowedRole : allowedRoleList) {